def fetch_ca(project_id=None):
if not CONF.use_project_ca:
project_id = None
ca_file_path = ca_path(project_id)
if not os.path.exists(ca_file_path):
raise exception.CryptoCAFileNotFound(project=project_id)
with open(ca_file_path, 'r') as cafile:
return cafile.read()
class CertificatesTestV21(test.NoDBTestCase):
certificates = certificates_v21
url = '/v3/os-certificates'
certificate_show_extension = 'os_compute_api:os-certificates:show'
certificate_create_extension = \
'os_compute_api:os-certificates:create'
def setUp(self):
super(CertificatesTestV21, self).setUp()
self.context = context.RequestContext('fake', 'fake')
self.controller = self.certificates.CertificatesController()
self.req = fakes.HTTPRequest.blank('')
def test_translate_certificate_view(self):
pk, cert = 'fakepk', 'fakecert'
view = self.certificates._translate_certificate_view(cert, pk)
self.assertEqual(view['data'], cert)
self.assertEqual(view['private_key'], pk)
def test_certificates_show_root(self):
self.mox.StubOutWithMock(self.controller.cert_rpcapi, 'fetch_ca')
self.controller.cert_rpcapi.fetch_ca(
mox.IgnoreArg(), project_id='fake').AndReturn('fakeroot')
self.mox.ReplayAll()
res_dict = self.controller.show(self.req, 'root')
response = {'certificate': {'data': 'fakeroot', 'private_key': None}}
self.assertEqual(res_dict, response)
def test_certificates_show_policy_failed(self):
rules = {
self.certificate_show_extension: common_policy.parse_rule("!")
}
policy.set_rules(rules)
exc = self.assertRaises(exception.PolicyNotAuthorized,
self.controller.show, self.req, 'root')
self.assertIn(self.certificate_show_extension, exc.format_message())
def test_certificates_create_certificate(self):
self.mox.StubOutWithMock(self.controller.cert_rpcapi,
'generate_x509_cert')
self.controller.cert_rpcapi.generate_x509_cert(
mox.IgnoreArg(), user_id='fake_user', project_id='fake').AndReturn(
('fakepk', 'fakecert'))
self.mox.ReplayAll()
res_dict = self.controller.create(self.req)
response = {
'certificate': {
'data': 'fakecert',
'private_key': 'fakepk'
}
}
self.assertEqual(res_dict, response)
def test_certificates_create_policy_failed(self):
rules = {
self.certificate_create_extension: common_policy.parse_rule("!")
}
policy.set_rules(rules)
exc = self.assertRaises(exception.PolicyNotAuthorized,
self.controller.create, self.req)
self.assertIn(self.certificate_create_extension, exc.format_message())
@mock.patch.object(
rpcapi.CertAPI,
'fetch_ca',
side_effect=exception.CryptoCAFileNotFound(project='fake'))
def test_non_exist_certificates_show(self, mock_fetch_ca):
self.assertRaises(exc.HTTPNotFound, self.controller.show, self.req,
'root')
class CertificatesTestV21(test.NoDBTestCase):
certificates = certificates_v21
url = '/v2/fake/os-certificates'
certificate_show_extension = 'os_compute_api:os-certificates:show'
certificate_create_extension = \
'os_compute_api:os-certificates:create'
def setUp(self):
super(CertificatesTestV21, self).setUp()
self.context = context.RequestContext('fake', 'fake')
self.controller = self.certificates.CertificatesController()
self.req = fakes.HTTPRequest.blank('')
def test_translate_certificate_view(self):
pk, cert = 'fakepk', 'fakecert'
view = self.certificates._translate_certificate_view(cert, pk)
self.assertEqual(view['data'], cert)
self.assertEqual(view['private_key'], pk)
@mock.patch.object(rpcapi.CertAPI, 'fetch_ca', return_value='fakeroot')
def test_certificates_show_root(self, mock_fetch_ca):
res_dict = self.controller.show(self.req, 'root')
response = {'certificate': {'data': 'fakeroot', 'private_key': None}}
self.assertEqual(res_dict, response)
mock_fetch_ca.assert_called_once_with(mock.ANY, project_id='fake')
def test_certificates_show_policy_failed(self):
rules = {self.certificate_show_extension: "!"}
policy.set_rules(oslo_policy.Rules.from_dict(rules))
exc = self.assertRaises(exception.PolicyNotAuthorized,
self.controller.show, self.req, 'root')
self.assertIn(self.certificate_show_extension, exc.format_message())
@mock.patch.object(rpcapi.CertAPI,
'generate_x509_cert',
return_value=('fakepk', 'fakecert'))
def test_certificates_create_certificate(self, mock_generate_x509_cert):
res_dict = self.controller.create(self.req)
response = {
'certificate': {
'data': 'fakecert',
'private_key': 'fakepk'
}
}
self.assertEqual(res_dict, response)
mock_generate_x509_cert.assert_called_once_with(mock.ANY,
user_id='fake_user',
project_id='fake')
def test_certificates_create_policy_failed(self):
rules = {self.certificate_create_extension: "!"}
policy.set_rules(oslo_policy.Rules.from_dict(rules))
exc = self.assertRaises(exception.PolicyNotAuthorized,
self.controller.create, self.req)
self.assertIn(self.certificate_create_extension, exc.format_message())
@mock.patch.object(
rpcapi.CertAPI,
'fetch_ca',
side_effect=exception.CryptoCAFileNotFound(project='fake'))
def test_non_exist_certificates_show(self, mock_fetch_ca):
self.assertRaises(exc.HTTPNotFound, self.controller.show, self.req,
'root')
def fake_get_root_cert_not_found(context, *args, **kwargs):
raise exception.CryptoCAFileNotFound(project='')
